System and method for appliance configuration identification and profile management

ABSTRACT

A new approach is proposed to support appliance configuration identification and profiling management. An appliance scanning component running on an appliance is configured to scan, examine, and determine current configuration of the appliance including hardware components and/or software components installed on the appliance. The configuration of the appliance is then provided to an appliance profiling engine running on a server, wherein the appliance profiling engine hashes the configuration of the appliance into a unique identifier of the appliance and look up a model of the appliance from an appliance profiling database using the unique identifier as a key. If the configuration of the appliance is not found, the appliance profiling engine identifies discrepancies between the configuration of the appliance and other appliances in the appliance profiling database to determine if the appliance is a new model, a revision of an existing model, or is simply misconfigured.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional PatentApplication No. 63/305,751, filed Feb. 2, 2022, which is incorporatedherein in its entirety by reference.

BACKGROUND

A company may manufacture and provide to its customers a wide variety ofappliances, which can include but are not limited to computing devices,communication devices, storage devices, and other types of electronicdevices. These appliances can be characterized and differentiated bycharacteristics of their included/installed hardware and/or softwarecomponents including but not limited to types of CPUs and othermicroprocessors, amount of memory (e.g., RAM), quantities andconfigurations of storage drives, operating systems (OS), firmware(e.g., BIOS, which is a firmware used to perform hardware initializationduring a booting process), and many other types of components. In someembodiments, these appliances are manufactured and assembled through thesame manufacturing process at a facility associated with the company. Insome embodiments, the appliances are produced and queued on an as-neededbasis in response to sales and inventory demands for the appliance.

In view of the wide variety of the appliances it provides, the companyneeds to identify the hardware and/or software components going into orinstalled on each appliance in order to properly provision and assigncorrect product mode/name to each appliance so that the appliance can beincluded in an inventory management system. For a non-limiting example,one appliance unit having four rotational hard disk drives (HDDs) of aspecific type, 32 GB of RAM, and specific types of motherboards and CPUsshould be identified and named as a backup appliance (e.g., BarracudaBackup Appliance 390), while another appliance with a solid state drive(SSD) and 8 GB of RAM etc. should be identified as a firewall (e.g., NGFirewall F12). In some embodiments, the company may further need toidentify subtle revisions within each type of appliances. For anon-limiting example, Backup Appliance 390 may contain different brandsof hard disk drives and/or with different firmware installed.

The foregoing examples of the related art and limitations relatedtherewith are intended to be illustrative and not exclusive. Otherlimitations of the related art will become apparent upon a reading ofthe specification and a study of the drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Aspects of the present disclosure are best understood from the followingdetailed description when read with the accompanying figures. It isnoted that, in accordance with the standard practice in the industry,various features are not drawn to scale. In fact, the dimensions of thevarious features may be arbitrarily increased or reduced for clarity ofdiscussion.

FIG. 1 depicts an example of a system diagram to support applianceconfiguration identification and profiling management in accordance withan aspect of the present embodiments.

FIG. 2 depicts a flowchart of an example of a process to supportappliance configuration identification and profiling management inaccordance with an aspect of the present embodiments.

DETAILED DESCRIPTION OF EMBODIMENTS

The following disclosure provides many different embodiments, orexamples, for implementing different features of the subject matter.Specific examples of components and arrangements are described below tosimplify the present disclosure. These are, of course, merely examplesand are not intended to be limiting. In addition, the present disclosuremay repeat reference numerals and/or letters in the various examples.This repetition is for the purpose of simplicity and clarity and doesnot in itself dictate a relationship between the various embodimentsand/or configurations discussed.

A new approach is proposed that contemplates systems and methods tosupport appliance configuration identification and profiling management.Under the proposed approach, an appliance scanning component running onan appliance is configured to scan, examine, and determine currentconfiguration of the appliance including a plurality of hardwarecomponents and/or software components installed on the appliance. Thecollected configuration of the appliance is then provided to anappliance profiling engine running on a server, wherein the applianceprofiling engine is configured to hash the configuration of theappliance into a unique identifier of the appliance and look up a modelof the appliance from an appliance profiling database using the uniqueidentifier as a key. If the configuration of the appliance is not foundin the appliance profiling database, the appliance profiling engine isconfigured to identify discrepancies between the configuration of theappliance and other appliances in the appliance profiling database inorder to determine if the appliance is a new model, a revision of anexisting model, or is simply misconfigured (e.g., wrong amount of RAMused). If the appliance is a new model or revision of an existing model,the appliance is assigned and registered with the new model name and/orrevision number, which is provided back to the appliance foridentification. If the appliance is misconfigured, the applianceprofiling engine additionally provides one or more correct configurationfiles and/or packages to the appliance for reconfiguration of theappliance.

Under the proposed approach, the hardware and/or software configurationsas well as other information or metrics of all appliances beingmanufactured or having been deployed can be monitored and collected inreal time. Based on the information collected, a user (e.g., amanufacturer of the appliances) may adjust the configurations of theappliances and their model or revision numbers adaptively based on thecurrent demand for the appliances. For a non-limiting example, when anew appliance is to be produced, a new model name/number or a revisionto an existing model is generated and registered, and a newconfiguration file/package can be provided to adjust the currentconfiguration of the appliance. In some embodiments. the collectedinformation of each appliance may serve as a birth certificate orfingerprint for the appliance for authentication purposes and to detect,prevent, and/or remediate tampering of the appliance.

FIG. 1 depicts an example of a system diagram 100 to support applianceconfiguration identification and profiling management. Although thediagrams depict components as functionally separate, such depiction ismerely for illustrative purposes. It will be apparent that thecomponents portrayed in this figure can be arbitrarily combined ordivided into separate software, firmware and/or hardware components.Furthermore, it will also be apparent that such components, regardlessof how they are combined or divided, can execute on the same host ormultiple hosts, and wherein the multiple hosts can be connected by oneor more networks.

In the example of FIG. 1 , the system 100 includes an appliance scanningcomponent 104 and an appliance provisioning component 106 running on anappliance 102, an appliance profiling engine 108 running on a server110, and an appliance profiling database 112 associated with theappliance profiling engine 108. Each of the appliance, device, server,and/or host (refer to herein as the “computing unit”) running thecomponents and/or engines in the system 100 includes softwareinstructions stored in a storage unit such as a non-volatile memory(also referred to as secondary memory) of the computing unit. When thesoftware instructions are executed, at least a subset of the softwareinstructions is loaded into a memory (also referred to as primarymemory) by the computing unit, the computing unit becomes a specialpurposed one for practicing one or more processes.

In the example of FIG. 1 , each computing unit running the components inthe system 100 can be a computing device, a communication device, astorage device, or any computing device capable of running a softwarecomponent. For non-limiting examples, a computing device can be but isnot limited to a server machine, a laptop PC, a desktop PC, a tablet, aGoogle Android device, an iPhone, an iPad, and a voice-controlledspeaker or controller. Each computing unit has a communication interface(not shown) for communicating with each other over a communicationnetwork (not shown), which can be but is not limited to Internet,intranet, wide area network (WAN), local area network (LAN), wirelessnetwork, Bluetooth, WiFi, and mobile communication network for internalcommunications among entities, components, and users of an organization.The physical connections of the communication network and thecommunication protocols are well known to those of skilled in the art.

In the example of FIG. 1 , the appliance scanning component 104 runningon an appliance 102 is configured to examine the appliance 102 and todetermine the current hardware and/or software configurations and/orspecifications of the appliance 102 in terms of a plurality of hardwarecomponents included in the appliance 102. Here, the hardware and/orsoftware configurations of the appliance 102 include but are not limitedto numbers and types of one or more of storage devices such as hard diskdrives (HDDs), solid state drives (SSDs), and/or flash (e.g., NAND)drives, memories such as Random Access Memory (RAM), including but notlimited to SRAM and DRAM, and/or caches, processors such as CPUs, GPUs,and/or other microprocessors, boards such as mother boards, cards suchas graphics cards, network communication cards, operating systems (OS),firmware (e.g., BIOS), and other hardware and/or software components onthe appliance. In some embodiments, the appliance scanning component 104is a software program deployed to and installed on the appliance 102 inthe form of a software package or plugin during manufacturing and/ordeployment of the appliance 102. Once the hardware and/or softwareconfigurations of the appliance 102 has been determined, the appliancescanning component 104 is configured to create and transmit a profile ofthe appliance 102 to the appliance profiling engine 108 running on theserver 110, wherein the profile includes the hardware and/or softwareconfigurations and optionally other information (e.g., an IP address) ofthe appliance 102. In some embodiments, the appliance scanning component104 is configured to transmit the profile of the appliance 102 to theappliance profiling engine 108 via a representational state transfer(REST) application programming interface (API), wherein the REST APIallows the appliance scanning component 104 to interact with a RESTfulweb service provided by the appliance profiling engine 108.

In the example of FIG. 1 , the appliance profiling engine 108 isconfigured to accept the profile of the appliance 102 and to create aunique identifier of the appliance 102 by hashing the hardware and/orsoftware configurations of the appliance 102 via a hashing algorithm.The appliance profiling engine 108 is then configured to look up theappliance 102 from the appliance profiling database 112 using the hashedunique identifier of the appliance 102 as the key. Here, the applianceprofiling database 112 is configured to maintain appliance informationincluding but not limited to one or more of model, version, revision,configurations and specifications of each of a plurality of appliancesthat have been registered and/or in use. In some embodiments, theappliance information in the appliance profiling database 112 is indexedby an unique identifier representing each of the plurality of appliancesand its hardware and/or software configurations. In some embodiments,the appliance profiling engine 108 is configured to retrieve and providethe hardware and/or software configurations of the appliances in theappliance profiling database 112 to a user of the system 100 uponrequest in real time via a user interface (UI) or an API.

If the appliance 102 is found in the appliance profiling database 112using the hashed unique identifier of the appliance 102, the applianceprofiling engine 108 is configured to retrieve information (e.g., model,version, revision, and specifications) of the appliance 102 from theappliance profiling database 112 and to provide the retrievedinformation of the appliance 102 to the appliance provisioning component106 running on the appliance 102 for self-identification via, for anon-limiting example, the REST API. If the appliance 102 is not found inthe appliance profiling database 112, indicating that the configurationsof the appliance 102 is new or previously unknown (e.g., has not beenreceived before), the appliance profiling engine 108 is configured toidentify one or more differences/discrepancies between the hardwareand/or software configurations of the appliance 102 and other appliancesin the appliance profiling database 112 having similar but not identicalhardware and/or software configurations as the appliance 102. In someembodiments, the appliance profiling engine 108 is configured toprovide/report the differences in configurations to a user of the system100 via an electronic communication or notification and/or enable theuser to retrieve the differences in configurations via the UI or API.

If it is determined that the appliance 102 is a new model or a newrevision/version of an existing model, the appliance profiling engine108 is configured to assign and register the appliance 102 with one ormore of a new serial number, a new model name and/or number, and a newrevision/version number in the appliance profiling database 112 togetherwith the hardware and/or software configurations of the appliance 102and its unique identifier. In some embodiments, the appliance profilingengine 108 is configured to transmit the one or more of the new serialnumber, the new model name and number, the new revision/version numberto the appliance provisioning component 106 running on the appliance102. If it is determined that the differences is due to the fact thatthe appliance 102 is misconfigured, e.g., wrong type or amount of RAM orwrong version of OS or firmware is used in the appliance 102, theappliance profiling engine 108 is configured to inform the applianceprovisioning component 106 running on the appliance 102 with a provisionpayload containing one or more reconfiguration files and/or packages.The appliance provisioning component 106 is configured to adjust theconfiguration of the appliance 102 according to the provision payload.In some embodiments, the appliance provisioning component 106 isconfigured to install and execute a provided software (e.g., a softwareor plug-in) on the appliance 102 in order to adjust the configuration ofthe appliance 102.

In some embodiments, the appliance profiling engine 108 is configured tomonitor and gather metrics of a plurality of appliances beingmanufactured and/or deployed, wherein such metrics include but are notlimited to one or more of number of models and/or revisions of theappliances along with their serial numbers and other unique identifiers(e.g., SKUs). In some embodiments, the appliance profiling engine 108 isconfigured to provide the gathered metrics of the appliances to the uservia the API and/or a web-based browser. If it is determined that theappliance 102 belongs to an old model that has been discontinued andshould no longer be in production or be deployed, the applianceprofiling engine 108 is configured to de-register the model of theappliance 102 from the appliance profiling database 112 and to informthe appliance provisioning component 106 running on the appliance 102 tostop producing the model of the appliance 102. In some embodiments, theappliance profiling engine 108 is configured to alert a user if it isdetermined that the configurations of the appliance 102 has been alteredduring manufacturing or deployment, indicating that the appliance 102may have been tampered with. In this case, the appliance 102 is markedas un-trusted and access to the appliance 102 is revoked. In someembodiments, the appliance profiling engine 108 is configured to updateor fix/remediate the tampered appliance 102 by providing the latestfirmware or security features to the appliance 102 via the provisionpayload.

Use Case—Appliance Testing

Many companies that manufacture appliances on a large scale typicallyhave a series of test scripts that run on the appliances with or withoutload for testing purposes. The testing of the appliances also ofteninvolves external infrastructure (e.g., network, databases, printers,etc.) needed for testing the relevant functionalities of the appliances.With the proposed approach, the configuration information of allappliances to be tested are collected and readily available duringtesting. With the available configuration information of the appliances,the entire set of tools needed for testing the appliances can be highlyportable and deployable “on-demand” according to the configurationinformation of the appliances. In fact, for every appliance thatundergoes testing, one or more instances of the set of the testing toolscan be configured, combined, and deployed in real-time based on theconfigurations of the appliance being tested. The combination of thetesting tools can be dis-assembled after the testing is complete. Here,the set of testing tools includes but is not limited to a combination ofvirtual machines, switches, and containers that get configuredautomatically as they are launched for testing of the appliances.

FIG. 2 depicts a flowchart 200 of an example of a process to supportappliance configuration identification and profiling management.Although the figure depicts functional steps in a particular order forpurposes of illustration, the processes are not limited to anyparticular order or arrangement of steps. One skilled in the relevantart will appreciate that the various steps portrayed in this figurecould be omitted, rearranged, combined and/or adapted in various ways.

In the example of FIG. 2 , the flowchart 200 starts at block 202, wherecurrent configuration of an appliance is examined and determinedincluding a plurality of hardware components and/or software componentsinstalled on the appliance. The flowchart 200 continues to block 204,where the configuration of the appliance is transmitted to an applianceprofiling engine. The flowchart 200 continues to block 206, where theconfiguration of the appliance is accepted and hashed into a uniqueidentifier of the appliance at the appliance profiling engine. Theflowchart 200 continues to block 208, where a model of the appliance islooked up from an appliance profiling database using the uniqueidentifier as a key. The flowchart 200 continues to block 210, where oneor more discrepancies between the configuration of the appliance and oneor more other appliances in the appliance profiling database areidentified if the model of the appliance is not found in the applianceprofiling database. The flowchart 200 continues to block 212, where theappliance is assigned and registered with a new model name or a newrevision number of an existing model if the appliance is determined tobe the new model or the revision of the existing model. The flowchart200 ends at block 214, where a provision payload including one or morereconfiguration files and/or packages is provided to the appliance forreconfiguration of the appliance if the appliance is determined to bemisconfigured.

One embodiment may be implemented using a conventional general purposeor a specialized digital computer or microprocessor(s) programmedaccording to the teachings of the present disclosure, as will beapparent to those skilled in the computer art. Appropriate softwarecoding can readily be prepared by skilled programmers based on theteachings of the present disclosure, as will be apparent to thoseskilled in the software art. The invention may also be implemented bythe preparation of integrated circuits or by interconnecting anappropriate network of conventional component circuits, as will bereadily apparent to those skilled in the art.

The methods and system described herein may be at least partiallyembodied in the form of computer-implemented processes and apparatus forpracticing those processes. The disclosed methods may also be at leastpartially embodied in the form of tangible, non-transitory machinereadable storage media encoded with computer program code. The media mayinclude, for example, RAMs, ROMs, CD-ROMs, DVD-ROMs, BD-ROMs, hard diskdrives, flash memories, or any other non-transitory machine-readablestorage medium, wherein, when the computer program code is loaded intoand executed by a computer, the computer becomes an apparatus forpracticing the method. The methods may also be at least partiallyembodied in the form of a computer into which computer program code isloaded and/or executed, such that, the computer becomes a specialpurpose computer for practicing the methods. When implemented on ageneral-purpose processor, the computer program code segments configurethe processor to create specific logic circuits. The methods mayalternatively be at least partially embodied in a digital signalprocessor formed of application specific integrated circuits forperforming the methods.

What is claimed is:
 1. A system, comprising: an appliance scanningcomponent running on an appliance and configured to examine anddetermine current configuration of the appliance including a pluralityof hardware components and/or software components installed on theappliance; transmit the configuration of the appliance to an applianceprofiling engine; said appliance profiling engine running on a serverand configured to accept and hash the configuration of the applianceinto a unique identifier of the appliance; look up a model of theappliance from an appliance profiling database using the uniqueidentifier as a key; identify one or more discrepancies between theconfiguration of the appliance and one or more other appliances in theappliance profiling database if the model of the appliance is not foundin the appliance profiling database; assign and register the appliancewith a new model name or a new revision number of an existing model ifthe appliance is determined to be the new model or the revision of theexisting model; provide a provision payload including one or morereconfiguration files and/or packages to the appliance forreconfiguration of the appliance if the appliance is determined to bemisconfigured.
 2. The system of claim 1, further comprising: saidappliance profiling database configured to maintain applianceinformation including one or more of model, version, revision,configurations and specifications of each of a plurality of appliancesthat have been registered and/or in use.
 3. The system of claim 1,wherein: the appliance information in the appliance profiling databaseis indexed by an unique identifier representing each of the plurality ofappliances.
 4. The system of claim 1, wherein: the hardware and/orsoftware configuration of the appliance includes one or more of numbersand types of one or more of storage devices, memories, processors,boards, cards, operating systems (OS), firmware, and other hardwareand/or software components on the appliance.
 5. The system of claim 1,wherein: the appliance scanning component is configured to transmit theconfiguration of the appliance to the appliance profiling engine via arepresentational state transfer (REST) application programming interface(API).
 6. The system of claim 1, wherein: the appliance profiling engineis configured to retrieve information of the appliance from theappliance profiling database and to provide the retrieved information tothe appliance for self-identification.
 7. The system of claim 1,wherein: the appliance profiling engine is configured to provide thediscrepancies in configurations to a user via an electroniccommunication or notification and/or enable the user to retrieve thediscrepancies in configurations.
 8. The system of claim 1, furthercomprising: an appliance provisioning component running on the applianceand configured to adjust the configuration of the appliance according tothe provision payload.
 9. The system of claim 8, wherein: the applianceprovisioning component is configured to install and execute a providedsoftware on the appliance in order to adjust the configuration of theappliance.
 10. The system of claim 1, wherein: the appliance profilingengine is configured to monitor and gather metrics of a plurality ofappliances being manufactured and/or deployed, wherein the metricsinclude one or more of number of models and/or revisions of theplurality of appliances along with their serial numbers and other uniqueidentifiers.
 11. The system of claim 10, wherein: the applianceprofiling engine is configured to de-register the model of the appliancefrom the appliance profiling database if it is determined that theappliance belongs to an old model that has been discontinued and shouldno longer be in production or be deployed.
 12. The system of claim 10,wherein: the appliance profiling engine is configured to alert a user ifit is determined that the configurations of the appliance has beenaltered during manufacturing or deployment.
 13. The system of claim 12,wherein: the appliance profiling engine is configured to update or fixthe appliance by providing the latest firmware or security features tothe appliance via the provision payload.
 14. A computer-implementedmethod, comprising: examining and determining current configuration ofan appliance including a plurality of hardware components and/orsoftware components installed on the appliance; transmitting theconfiguration of the appliance to an appliance profiling engine;accepting and hashing the configuration of the appliance into a uniqueidentifier of the appliance at the appliance profiling engine; lookingup a model of the appliance from an appliance profiling database usingthe unique identifier as a key; identifying one or more discrepanciesbetween the configuration of the appliance and one or more otherappliances in the appliance profiling database if the model of theappliance is not found in the appliance profiling database; assigningand registering the appliance with a new model name or a new revisionnumber of an existing model if the appliance is determined to be the newmodel or the revision of the existing model; providing a provisionpayload including one or more reconfiguration files and/or packages tothe appliance for reconfiguration of the appliance if the appliance isdetermined to be misconfigured.
 15. The method of claim 14, furthercomprising: maintaining appliance information including one or more ofmodel, version, revision, configurations and specifications of each of aplurality of appliances that have been registered and/or in use in theappliance profiling database.
 16. The method of claim 14, furthercomprising: transmitting the configuration of the appliance to theappliance profiling engine via a representational state transfer (REST)application programming interface (API).
 17. The method of claim 14,further comprising: retrieving information of the appliance from theappliance profiling database and providing the retrieved information tothe appliance for self-identification.
 18. The method of claim 14,further comprising: providing the discrepancies in configurations to auser via an electronic communication or notification and/or enable theuser to retrieve the discrepancies in configurations.
 19. The method ofclaim 14, further comprising: processing the software updateasynchronously, wherein the software update sandbox takes time tomonitor the behavior of the software update installed on the softwareupdate sandbox before making the software update available to theintended recipient.
 20. The method of claim 14, further comprising:adjusting the configuration of the appliance according to the provisionpayload.
 21. The method of claim 20, further comprising: installing andexecuting a provided software on the appliance in order to adjust theconfiguration of the appliance.
 22. The method of claim 14, furthercomprising: monitoring and gathering metrics of a plurality ofappliances being manufactured and/or deployed, wherein the metricsinclude one or more of number of models and/or revisions of theplurality of appliances along with their serial numbers and other uniqueidentifiers.
 23. The method of claim 22, further comprising:de-registering the model of the appliance from the appliance profilingdatabase if it is determined that the appliance belongs to an old modelthat has been discontinued and should no longer be in production or bedeployed.
 24. The method of claim 22, further comprising: alerting auser if it is determined that the configurations of the appliance hasbeen altered during manufacturing or deployment.
 25. The method of claim24, further comprising: updating or fixing the appliance by providingthe latest firmware or security features to the appliance via theprovision payload.